Skip to main content
POST
/
api
/
webhooks
Create Webhook
curl --request POST \
  --url https://encrata.com/api/webhooks \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "url": "<string>",
  "events": [
    "<string>"
  ],
  "description": "<string>"
}
'
{
  "id": "<string>",
  "url": "<string>",
  "secret": "<string>",
  "events": [
    "<string>"
  ],
  "is_active": true,
  "description": "<string>",
  "created_at": "<string>"
}

Documentation Index

Fetch the complete documentation index at: https://docs.encrata.com/llms.txt

Use this file to discover all available pages before exploring further.

Authentication

Requires an API key in the Authorization header. 
Authorization: Bearer YOUR_API_KEY

Request

url
string
required
The HTTPS URL to receive webhook deliveries.
events
string[]
required
List of event types to subscribe to. At least one event is required.Valid events: lookup.completed, apikey.created, apikey.revoked, credits.low, credits.exhausted
description
string
Optional description for the webhook.

Example request

curl -X POST https://encrata.com/api/webhooks \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d '{
    "url": "https://example.com/webhook",
    "events": ["lookup.completed", "apikey.created"],
    "description": "Production webhook"
  }'

Response

Returns the created webhook object, including the signing secret.
id
string
Unique webhook identifier (UUID).
url
string
The registered webhook URL.
secret
string
The HMAC-SHA256 signing secret. Only returned at creation time — store it securely.
events
string[]
Subscribed event types.
is_active
boolean
Whether the webhook is active (defaults to true).
description
string
Webhook description.
created_at
string
ISO 8601 creation timestamp.

Example response

{
  "id": "360cb300-d885-4c18-af2c-d259f936bb38",
  "workspace_id": "51cdc9d9-203c-4345-b06d-222b560460aa",
  "url": "https://example.com/webhook",
  "secret": "whsec_6cce5d5445b12e649ce9e715a2ef4addc9117d6bf3013a0f388997ed20711b1c",
  "events": ["lookup.completed", "apikey.created"],
  "is_active": true,
  "description": "Production webhook",
  "created_by": "e861d7cb-1d7f-48d9-ab13-9af06a4055cf",
  "created_at": "2026-05-02T12:00:00Z",
  "updated_at": "2026-05-02T12:00:00Z"
}
The secret is only returned when you create the webhook. Store it securely — you’ll need it to verify webhook signatures.